Guided Tour

Firewall Security Manager provides exceptional capability for managing your firewalls, including a standardized presentation of firewall configurations, allowing you to view all of your firewall rules in an easy-to-understand tabular format.

SolarWinds’ Firewall Security & Analyzer Software Will Make You a Firewall Management Expert!

Firewalls are only as good as the rules that you’ve built. SolarWinds’ firewall rule analyzer feature can help ensure the integrity of those rules by analyzing and optimizing complex configurations, automating security and compliance audits, and simplifying change management to identify and eliminate weaknesses in your multi-vendor firewall environment.

Manage all of your firewall configs, rules, objects, interfaces, and problems in one place

Analyze and normalize firewall configurations from different vendors simultaneously

Compare firewall policies between different configuration versions

Leverage unified search and filter capabilities across all firewall types

SolarWinds Firewall Security Manager (FSM) provides quick and easy multi-vendor firewall management from a single, powerful, and intuitive console. FSM uses a fundamental understanding of architectural differences between vendors and devices to help simplify change management and troubleshooting in increasingly complex multi-vendor environments. You get crucial in-depth insight into your Layer 3 network security devices so you can ensure the right security policies are in place to keep your network protected.

From FSM’s unified management console, you can clean up rules to optimize security and performance, automate security audits to ensure compliance, model rule changes to understand the impact of a change, track rule changes for business justification, and much more. Best of all, you don’t have to be a security expert to do it!

The security audit builds a model of the device using the interfaces, objects, access lists, address translations, VPNs, routing rules, access-group statements, and other constructs that control how IP traffic flows through the firewall. If checks have been flagged for risks, a full drill-down capability isolates the root cause in the rulebase to facilitate remediation.

Since constant change is an opportunity for a misconfiguration or a new network exposure to be introduced, Firewall Security Manager also supports continuous compliance with scheduled reporting to identify how changes to the network may affect your security profile.

In addition, SolarWinds FSM covers all PCI DSS control items that evaluate how cardholder data has been segmented from the rest of the network, and provides comprehensive information on violations, including the responsible rules.

Leverage integrated FSM/Orion module to view firewall inventory and details in the same Web-based console as existing SolarWinds products

SolarWinds Firewall Security Manager provides a consolidated, intuitive dashboard that can be customized to your network and security needs. FSM’s dashboard delivers the essential information and critical alerts necessary to quickly assess your security status “at-a-glance,” while also allowing you to drill-down for more detailed information with point-and-click simplicity. The end result is the ability to find and fix critical issues fast to avoid potentially disastrous security exposure and costly compliance breaches.

From the dashboard, you can quickly and easily:

View Firewall Details, including ACL, NAT, & Route Rules

View High Risk Firewalls

View Prioritized Security Alerts

View Config Changes

Review Rules & Add Business Justification

View and Search Raw Config Text

Search Security Rules

View Rule/Object Cleanup Reports

View Audit Reports

View Firewall Services Report

With FSM’s easy-to-use, easy-to-understand dashboard, you can ensure the correct access control policies stay in place to help keep your network continuously secure and compliant. Moreover, FSM’s integrated Orion module lets you view all your firewall details in the same Web-based console as your existing SolarWinds products for single-pane-glass visibility and control.

With FSM, you can safely remove unnecessary rules without causing an adverse impact on existing service availability or exposing the business to unauthorized traffic. Plus, the rule usage analysis can be scheduled for continuous rulebase optimization and includes automatically generated change scripts to make the entire process completely straightforward and error-free.

Additional policy optimization is available from the structural redundancy cleanup. This feature identifies and removes the errors in the configuration that play no role in the firewall’s behavior. Overlapping, covered, and generalized rules, including all special case redundancies are automatically identified to give you the maximum possible opportunity to reduce your rulebase bloat and complexity with one powerful cleanup analysis.

« Less

Learn More about Our Firewall Rule Analyzer »

Change Impact Analysis

Firewall Security Manager predicts how firewall changes will impact packet traversal through the network, based on connectivity, routing, and the devices involved in a change request.

Eliminate the risk of making a change that could introduce a security exposure or block legitimate traffic

Demonstrate compliance to change management best practices by establishing a report trail for pre- and post-change validation

SolarWinds Firewall Security Manager (FSM) uses predictive change modeling to allow the user to evaluate the impact of proposed changes to ACL, NAT, and route rules on network operations. It creates a separate environment, called the Change Modeling Session, where changes can be safely made and tested before going live on the production environment.

During the change modeling stage, Firewall Security Manager uses virtual packet tracing to calculate how a data packet flows through your network and reports on where it's blocked and why—precisely identifying the devices and all the rules that block the packet. This makes it simple to determine if a service is allowed between any two points in your network and to decide on the change you would have to make to enable the service.

NOTE: The minimum server requirements listed assume default configuration. Significantly increasing the poll rate or statistic collection rate could result in additional load on the server, which may require a larger CPU or additional memory.

Must Have Features for SolarWinds’ Firewall Management Software

Network-Aware Firewall Analysis

Firewall Security Manager uses virtual packet tracing to calculate how a data packet flows through the network and reports on where it is blocked and why.

Trace the end-to-end path of a packet as it traverses through the network

Confirm that all devices along the path allow the packet to reach its intended destination

Identify what device policies are blocking the packet from reaching its destination

SolarWinds Firewall Security Manager includes a powerful tool called Packet Tracer that simulates the path of a packet through a Layer 3 network, so it truly understands how firewall traffic flows from an end-to-end perspective.

First, it finds all routable paths to the packet destination, taking into account NATing along the path.

Next, on a routable path, it evaluates the ACL on each device along the path to check if the device allows or drops the packet.

With this analysis, it’s possible to do more than check if a packet will reach its destination; it’s also possible to identify the device and precise policies that should be changed in order to allow the packet. This network-aware analysis greatly simplifies troubleshooting and streamlines change management tasks.

« Less

Learn More about Firewall Analysis »

Firewall Configuration Troubleshooting

SolarWinds’ firewall security software simplifies troubleshooting of the most complicated features inherent to Cisco®, Check Point® and Juniper® firewalls.

Map how polices relate to the structural and order dependencies between all of the ACLs, NATs, and routes

Easily specify the traffic you want to troubleshoot using a single IP address or subnet

SolarWinds Firewall Security Manager (FSM) simplifies troubleshooting of the most complicated features inherent to Cisco®, Check Point®, and Juniper® firewalls. Using Firewall Security Manager, you can simulate the behavior of the firewall so you can ask “what-if” questions to maintain network reachability.

With FSM, it’s easier than ever to map how polices relate to the structural and order dependencies inherent in the rulebase. With this information, service availability problems can be pinpointed and fixed without touching the production network.

SolarWinds Firewall Security Manager unifies and standardizes object definitions and usage across your entire network. Its semantic engine recognizes unique names across any number of firewalls and understands semantic equivalences and differences in object content. It helps you to isolate the relevant address and service objects used in firewall policies so that they can be correctly renamed, split, modified, or replaced with another object in the device configuration.

And, with Firewall Security Manager, you can ensure object changes are specified correctly through automated scripts that allow for additional review before deployment.

Leverage behavioral policy analysis across platforms to identify mismatches in new and original policies

Use Migration Comparison Wizard to easily identify policy differences between original and migrated configurations

Validate a migration from one device type to another by comparing their respective traffic flows

SolarWinds Firewall Security Manager provides policy equivalence across various firewall device types. The identified policy differences can help migration teams quickly address the problems and fix and revalidate the new device policies until they converge with the original policies.

Firewall Security Manager provides the basis for a systematic process to execute migrations and reduces the need for ad-hoc testing. This allows for greater control over migration projects to meet defined timelines.

Additionally, FSM includes a dedicated step-by-step migration approach to migrate Cisco® firewalls to Check Point®. This process provides several migration options to ensure the target firewall is not incorrectly translated, such as:

Demos

Firewalls are only as good as the rules that you’ve built. SolarWinds® Firewall Security Manager (FSM) simplifies firewall troubleshooting and change management for your multi-vendor, Layer 3 network devices and helps you find and fill gaps in your security rules.

Datasheets

Firewalls are only as good as the rules that you’ve built. SolarWinds® Firewall Security Manager (FSM) simplifies firewall troubleshooting and change management for your multi-vendor, Layer 3 network devices and helps you find and fill gaps in your security rules.

FSM provides exceptional capability for managing your firewalls, including a standardized presentation of firewall configurations, allowing you to view all of your firewall rules in an easy-to-understand tabular format.

Whitepapers

Firewall management is key to effective network change and configuration management. This whitepaper will help you understand the how to effectively manage your enterprise firewalls and overall network configuration.

Having trouble managing your firewall rule bases, and changes in firewall configurations? How will you ensure that changes to a firewall policy do not have an unexpected negative impact? Are you conducting regular firewall security audits? Read this paper to learn some industry-wide firewall management best practices.

Product FAQ

Q: How is Firewall Security Manager licensed?

A: SolarWinds Firewall Security Manager is licensed based on the number of devices (firewalls and routers) that you want to analyze. The lowest license tier you can purchase is up to 4 firewalls.
View pricing and licensing options.

Q: Can I install Firewall Security Manager on more than one workstation?

A: SolarWinds Firewall Security Manager can be installed on as many workstations as needed but may only analyze and manage up to the number of firewalls licensed, i.e. if you have 4 firewalls to manage you must purchase a license for up to 4 firewalls regardless of the number of workstations you plan to install the client on.